We can create and use forms in PHP. To get form data, we have to use PHP superglobals $_GET and $_POST.
PHP Form Validation With Example
In this unit, we see a complete PHP Form with validations.
Form validation is one of the major parts of web development in PHP. There are many vulnerabilities and exploits available that must be taken care of while submitting a PHP form. Otherwise, unwanted viruses and malware can harm the PHP host server and database.
Must Read: PHP Form Email Validation
Simple PHP Registration Form Validation
Here, we will create a simple general-purpose registration form in PHP and MySQL with essential validations.
Example
<!DOCTYPE html>
<html>
<head>
<style>
.error {color: #FF0001;}
</style>
</head>
<body>
<?php
// define variables to empty values
$nameErr = $emailErr = $mobilenoErr = $genderErr = $websiteErr = $hobbyErr = "";
$name = $email = $mobileno = $gender = $website = $hobby = "";
//Input fields validation
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
//String Validation
if (empty($_POST["name"]))
{
$nameErr = "Name is required";
}
else
{
$name = input_data($_POST["name"]);
// check if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$name))
{
$nameErr = "Only alphabets and white space are allowed";
}
}
//Email Validation
if (empty($_POST["email"]))
{
$emailErr = "Email is required";
}
else
{
$email = input_data($_POST["email"]);
// check that the e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$emailErr = "Invalid email format";
}
}
//Number Validation
if (empty($_POST["mobileno"]))
{
$mobilenoErr = "Mobile no is required";
}
else
{
$mobileno = input_data($_POST["mobileno"]);
// check if mobile no is well-formed
if (!preg_match ("/^[0-9]*$/", $mobileno) )
{
$mobilenoErr = "Only numeric value is allowed.";
}
//check mobile no length should not be less and greator than 10
if (strlen ($mobileno) != 10)
{
$mobilenoErr = "Mobile no must contain 10 digits.";
}
}
//URL Validation
if (empty($_POST["website"]))
{
$website = "";
}
else
{
$website = input_data($_POST["website"]);
// check if URL address syntax is valid
if (!preg_match("/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/i",$website)){
$websiteErr = "Invalid URL";
}
}
//Empty Field Validation
if (empty ($_POST["gender"]))
{
$genderErr = "Gender is required"; }
else
{
$gender = input_data($_POST["gender"]);
}
//Checkbox Validation
if (!isset($_POST['hobbies']))
{
$hobbyErr = "You must select hobby.";
}
else
{
$hobby = input_data($_POST["hobbies"]);
}
}
function input_data($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<h2>Registration Form</h2>
<span class = "error">* required field </span>
<br><br>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" >
Name:
<input type="text" name="name">
<span class="error">* <?php echo $nameErr; ?> </span>
<br><br>
E-mail:
<input type="text" name="email">
<span class="error">* <?php echo $emailErr; ?> </span>
<br><br>
Mobile No:
<input type="text" name="mobileno">
<span class="error">* <?php echo $mobilenoErr; ?> </span>
<br><br>
Website:
<input type="text" name="website">
<span class="error"><?php echo $websiteErr; ?> </span>
<br><br>
Gender:
<input type="radio" name="gender" value="male"> Male
<input type="radio" name="gender" value="female"> Female
<input type="radio" name="gender" value="other"> Other
<span class="error">* <?php echo $genderErr; ?> </span>
<br><br>
Hobbies:
<input type="checkbox" name="hobbies" value="Reading"> Reading
<input type="checkbox" name="hobbies" value="Writing"> Writing
<input type="checkbox" name="hobbies" value="Playing"> Playing
<span class="error">* <?php echo $hobbyErr; ?> </span>
<br><br>
<input type="submit" name="submit" value="Submit">
<br><br>
</form>
<?php
if(isset($_POST['submit'])) {
if($nameErr == "" && $emailErr == "" && $mobilenoErr == "" && $genderErr == "" && $websiteErr == "" && $hobbyErr == ""){
echo "<h3 color = #FF0001> <b>You have sucessfully registered.</b> </h3>";
echo "<h2>Your Input:</h2>";
echo "Name: " .$name;
echo "<br>";
echo "Email: " .$email;
echo "<br>";
echo "Mobile No: " .$mobileno;
echo "<br>";
echo "Website: " .$website;
echo "<br>";
echo "Gender: " .$gender;
echo "<br>";
echo "Hobby: " .$hobby;
}
else
{
echo "<h3> <b>You didn't filled up the form correctly.</b> </h3>";
}
}
?>
</body>
</html>
Output
Registration form before submission
Registration form after submission
Conclusion
In this article, we learnt all about the Complete Form and how to apply different validations on input fields using PHP.
I hope you find this article helpful 🙂
